MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a tool that puts together commonly used mobile application reverse engineering and analysis tools, to assist in testing mobile applications against the OWASP mobile security threats. Its objective is to make this task easier and friendlier to mobile application developers and security professionals.
How to Install The Tool
Installation of Mara_Framework is a straightforward process. The tool can be installed by cloning the Github repository
After downloading the tool. Install the setup file “.setup.sh”
Demo
MARA_Framework Usage Example
Options
-s, --apk - analyze apk file
-d, --dex - analyze dex file
-j, --jar - analyze jar file
-c, --class - analyze class file
-m, --multiple-apk - analyze multiple apk files
-x, --multiple-dex - analyze multiple dex files
-r, --multiple-jar - analyze multiple jar files
-h, --help - print this help
Example
apk file analysis e.g ./mara.sh -s
dex file analysis e.g ./mara.sh -d
jar file analysis e.g ./mara.sh -j
class file analysis e.g ./mara.sh -c
multiple apk analysis e.g ./mara.sh -m
multiple dex analysis e.g ./mara.sh -x
multiple jar analysis e.g ./mara.sh -r
Report
You can view report in the (data/nameoftheapkfile/analysis/static/vulnerabilities/vulnerability_report.html) directory